ownbackup logo



      View OwnBackup’s response to the EU Court of Justice’s decision invalidating the EU-US Privacy Shield:



Privacy Policy

OwnBackup.com knows that you care how information about you is used and shared, and we want you to know that we will do so carefully and in compliance with applicable laws. 

  • This notice describes our Privacy Policy as it pertains to OwnBackup as a data controller in connection with our activities such as marketing, sales and events, and as a data processor as specifically referred to below.
  • A reference to “OwnBackup,” “we,” “us,” “our,” or the “company” is a reference to OwnBackup.com, Inc.

  1. Personal Data
  2. When you use our website
  3. When you submit a form via our website
  4. When you use our service
  5. Cookies, web beacons, and other tracking technologies
  6. How we share information we collect
  7. Opt out of communications
  8. OwnBackup as a Data Processor
  9. Your rights as a Data Subject
  10. How we secure information we collect
  11. International Data Transfer
  12. Data Protection Officer
  13. Terms of Service, Notices, and Revisions
  14. Contacting Us

Personal Data

If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, OwnBackup may use it for reasonable business purposes. To the extent information is associated with an identified or identifiable natural person and is protected as Personal Data under applicable data protection laws, it is referred to in this Privacy Policy as “Personal Data.”

When you use our website

When you use our website to browse the information we make available, browser cookies are used by us and third parties to allow our website to function and collect useful information about visitors. Our website, hosted by a third-party hosting provider, automatically stores server logs containing Browser Information (browser type, IP (Internet Protocol) address, geographical location, referral source, length of visit, the pages and files you interacted with, and operating system type). This information is used for administrative, network, security and statistical purposes.

When you submit a form via our website

When you submit a form via our website, sign up for a webinar, use our Contact Us feature or request customer support, we ask you for your name, business email, company name, number of employees, your role, country, and any pertinent information you voluntarily provide in a message field and the IP (Internet Protocol) address of the browser that submitted the form.

We use this information to respond to your query, including providing you with any requested information about our services. This information is also used to contact visitors about their interest in our company’s services.

We use web Browser to operate and improve our websites and services. We may also use Browser Information alone or in combination with Personal Data to provide you with personalized information about our service.

We do not use the information you provide to make any automated decisions that might affect you.

We may retain data for a period of time consistent with the original purpose of collection and legal basis. OwnBackup determines the appropriate retention period for data based on the nature, sensitivity, risk of harm and applicable legal requirements. After expiry of the retention period, OwnBackup will delete the data. Should there be any data that we are unable, for technical reasons, to completely delete from our infrastructure, we will ensure appropriate controls and measures are in place to prevent any further use of the data.

We keep inquiry emails for up to five years, after which they are deleted. Customer relationship management records are kept for up to five years after the last contact with you after which they are deleted.

When you use our service

When you sign up for our services, we ask you for your name, phone number, company name, number of employees, email, password (we do not have access to your password) and your acceptance of our Subscription Services Agreement.

When you utilize our services to backup or archive your corporate application data, we may retain this data for a period of time consistent with the original purpose of collection. You choose to determine the appropriate retention period in the administrative portal of our service. At the termination of the contract, we will delete the backed-up data within 30 days.

We do not sell your personal information for the intent and purposes of the California Consumer Privacy Act (CCPA).

Cookies, web beacons, and other tracking technologies

When you use our website, service, or receive marketing emails from us, we use cookies and similar technologies (such as web beacons) from our service or authorized third parties to administer the service, gather aggregated demographic information about visitors accessing our site as a whole, and interaction with emails from us. 

You can control the use of cookies at the individual browser level. To opt-out from data collection by Google Analytics you can download and install a browser add-on, which is available here.

We may also use web beacons, such as in marketing emails that notify us when you click on a link to our service in the email. Such tracking technologies are used to operate and improve our email communications.

How we share information we collect

We work with authorized third-party service providers for virtual hosted infrastructure (currently Amazon Web Services and Microsoft Azure). These providers are contractually bound not to access stored data. However, data that we have received on the basis of consent, as a controller, may be stored on third party contracted email and marketing platforms.

Opt out of communications

You may opt out of receiving marketing or sales communications from us by using the unsubscribe link in the bottom of our emails, updating your email preferences within your OwnBackup account settings, or by contacting us below to request your contact information be removed from our marketing list. Please note that if you opt out from receiving marketing communication from us, you may still receive important transactional, administrative or service announcements and security related information.

OwnBackup as a Data Processor

OwnBackup provides our Customers with Software as a Service (SaaS) services through which our Customers choose to backup or archive their data running on our platform. In this capacity, OwnBackup is the Data Processor (or “service provider” under CCPA) of data and our Customers are the Data Controllers, responsible establishing a legal basis for the collection, processing, consent, disclosure and responding to Data Subject Rights requests concerning the data they control.

OwnBackup as a Data Controller

OwnBackup is the Data Controller (or “business” under CCPA) of our visitors’ personal data, such as profile and contact details, submitted directly to us through our website for marketing and analytics purposes or by other means. OwnBackup is the “Processor” of any personal data contained in customer data we are processing on behalf of the “Data Controller”, our Customers. In these instances, 

Your GDPR Rights as a Data Subject (for EEA individuals)

If you are an individual in the EEA, we collect and process information about you only where we have legal bases for doing so under applicable EU laws.

We only process your Personal Data:

  • as necessary to enter into a contract with you, to perform our contractual obligations, to respond to requests from you, or to provide support;
  • where we have a legitimate interest (such as to market and promote OwnBackup services;
  • as necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders; or
  • with your consent.

If you have consented to our use of your Personal Data, subject to applicable law, you have the right to:

  • ask whether we hold Personal Data about you and request copies of such personal information and information about how it is processed;
  • request that inaccurate Personal Data is corrected;
  • request deletion of Personal Data that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, processed in non-compliance with applicable legal requirements or if you believe we are not doing so lawfully;
  • request the restriction of processing the Personal Data where the processing is inappropriate;
  • object to the processing of Personal Data if you believe we are not doing so lawfully;
  • request portability of Personal Data that you have provided to us where the processing of such personal information is based on consent or a contract with you; and 
  • lodge a complaint with our supervisory authority of your country or EU Member State: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

If you wish to exercise your rights under any applicable law, including GDPR or the California Consumer Privacy Act (CCPA), such as the right to request access to, and rectification or erasure of your Personal Data, or to restrict or object to such Personal Data’s processing, or to transfer such Personal Data, or the right to equal services and prices (each to the extent available to you under the laws which apply to you), please contact support@ownbackup.com.

To exercise your rights of access, rectification, erasure, restriction, objection, and data portability regarding your Personal Data, you may do so by email, mail or phone by using the contact information provided at the bottom of this Privacy Policy. We will try to respond to all legitimate requests within a reasonable timeframe and may contact you should we require additional information in order to honor your request.

We may also process Personal Data in the role of a data processor (see "OwnBackup as a Data Processor" section above). If your data has been submitted to us by an OwnBackup corporate customer and you wish to exercise rights you may have under applicable data protection laws, please inquire with our corporate customer directly. In some cases, we may not have access to data, thus if you wish to make your request directly to us, please provide the name of the OwnBackup corporate customer who submitted your data when you contact us. We will refer your request to that customer and support them as needed in responding to your request within a reasonable timeframe.

How we secure information we collect

At OwnBackup, we design our systems with security and privacy in mind. We maintain numerous technical, procedural and organizational technologies and safeguards designed to help protect customer and Personal Data. We protect the security of customer and Personal Data provided to us in securely hosted facilities and during the transmission to or from OwnBackup using encryption protocols and other software. These steps take into account the current state of technology and sensitivity of the information we collect, process and store.

We follow industry accepted standards to protect Personal Data. However, you are solely responsible for protecting your password, limiting access to your computer, OwnBackup account and signing out of the OwnBackup platform after your sessions.

To learn more about our current practices and policies regarding security and confidentiality of the OwnBackup platform, please see our Security Controls.

International Data Transfer Contractual Terms

Your Personal Data may be collected, transferred to or stored by us in the United States or in other countries where we operate, depending on our contractual commitments. Whenever we transfer personal information to other jurisdictions, we will ensure that the information is transferred in accordance with this Privacy Policy and as permitted by applicable data protection laws.

When we transfer your Personal Data outside the European Economic Area (“EEA”) or Switzerland, we do so in accordance with the terms of this Privacy Policy and applicable data protection law. This may include the transfer of data in accordance with the EU-US and Swiss-US Privacy Shield frameworks or pursuant to data transfer agreements that incorporate the Standard Contractual Clauses approved by the EU Commission.

Privacy Shield Frameworks for Data Transferred to the United States from the EU/Switzerland

OwnBackup complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States pursuant to the Privacy Shield. OwnBackup has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/list

We are responsible for the processing of Personal Data received directly from individuals and indirectly through our corporate customers under the Privacy Shield Frameworks.

With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, OwnBackup is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States.  Upon request, we will provide you with access to the personal information that we hold about you.  You may also correct, amend, or delete the personal information we hold about you.  An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to support@ownbackup.com.  If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.  To request to limit the use and disclosure of your personal information, please submit a written request to support@ownbackup.com.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the Privacy Shield Principles, OwnBackup commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact OwnBackup at:  privacy@ownbackup.com.

OwnBackup has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your complaint involves human resources data transferred to the United States from the EU and/or Switzerland in the context of the employment relationship, and OwnBackup does not address it satisfactorily, OwnBackup commits to cooperate with the panel established by the EU data protection authorities (DPA Panel) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable, and to comply with the advice given by the DPA panel and/or Commissioner, as applicable, with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.

Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.  See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Are Children Allowed to Use OwnBackup.com?

OwnBackup.com does not provide services to individuals under the age of 18. Wo do not knowingly collect personal information from children under the age of 18.

Data Protection Officer

To communicate with our Data Protection Officer, please email dpo@ownbackup.com.

Terms of Service, Notices, and Revisions

If you choose to visit OwnBackup.com, your visit and any dispute over privacy is subject to our Privacy Policy and our Subscription Services Agreement. We periodically update this Privacy Policy. We will post any privacy policy changes on this page and if the changes are significant, we will send you an email notification, provide a prominent notice by adding a notice on our Portal and website. We, however, encourage you to periodically review this Privacy Policy page for updates. 

Contacting Us

To exercise your rights regarding your Personal Data or if you have any questions about this Privacy Policy, please contact our support at support@ownbackup.com. For privacy questions or concerns, please either contact privacy@ownbackup.com or by mail to:

OwnBackup Inc.
Attention: Privacy
940 Sylvan Ave
Englewood Cliffs, NJ 07632

Last Updated: Dec 31, 2019